Package com.evolveum.midpoint.authentication.api.config

Interface ModuleAuthentication

All Known Subinterfaces:
ArchetypeSelectionModuleAuthentication, AttributeVerificationModuleAuthentication, CorrelationModuleAuthentication, CredentialModuleAuthentication, FocusIdentificationModuleAuthentication, RemoteModuleAuthentication
public interface ModuleAuthentication
Wrapper for authentication module, provide all information about actual state and contains method that help during authentication and maybe specific for current authentication module. This class contains Authentication that can be token that define midPoint or token defined by spring security. This token is generated by providers and contains basic information about authenticated object for current authentication module, in most cases we need this token for logout. This class wraps necessity sequence module and add attributes such as state.
Author:
skublik

  • Method Details

    • getModuleIdentifier

      String getModuleIdentifier()
      Returns:
      identifier of the authentication module, get from configuration

    • getModuleTypeName

      String getModuleTypeName()
      Returns:
      type of authentication module

    • getState

      AuthenticationModuleState getState()
      Returns:
      state of module

    • setState

      void setState(AuthenticationModuleState state)

    • getAuthentication

      org.springframework.security.core.Authentication getAuthentication()
      Returns:
      authentication token for module

    • setAuthentication

      @Experimental void setAuthentication(org.springframework.security.core.Authentication authentication)

    • getPrefix

      String getPrefix()
      Returns:
      prefix used in url

    • getFocusType

      QName getFocusType()
      Returns:
      type of authenticated object, get from configuration

    • getNecessity

      AuthenticationSequenceModuleNecessityType getNecessity()
      Returns:
      necessity for this module

    • getOrder

      Integer getOrder()
      Returns:
      order for this module

    • applicable

      boolean applicable()
      Decide if the module should be evaluated during sequence evaluation. Module can be skipped, e.g. when acceptEmpty is set to true and credential type doesn't exist. Example usage: Hint might be configured for some users but not fo all. We want to show hint when it is set, but not, if it's not. Therefore, hint module should user acceptEmpty = true and this module will be automatically skipped when no hint is set.

    • isSufficient

      boolean isSufficient()
      Very bad name :) Specify is the module on its own is considered as sufficient for the authentication to succeed. For example, password authenticated is sufficient, therefore user should be authenticated and allowed to work with midPoint. But focusIdentification cannot be considered as sufficient, as it might be of a great risk to allow user to authenticate only with using primary identifier. Insufficient modules are: focusIdentification, attributeVerification, hint If only those modules are in sequence, sequence cannot be evaluated as successuly authenticated

    • setSufficient

      void setSufficient(boolean sufficient)

    • setFailureData

      void setFailureData(AutheticationFailedData autheticationFailedData)

    • getFailureData

      AutheticationFailedData getFailureData()

    • recordFailure

      void recordFailure(org.springframework.security.core.AuthenticationException exception)

    • setFocusType

      void setFocusType(QName focusType)

    • clone

      ModuleAuthentication clone()